Nginx $server_name in if statement

Question

It seems like this is not working:

server_name blabla.bla;    
    location ~* (wp-comments-posts|wp-login)\.php$ {
            if ($http_referer !~ ^(http://$servername) ) {
            return 405;
            }
     }

While

server_name blabla.bla;    
    location ~* (wp-comments-posts|wp-login)\.php$ {
            if ($http_referer !~ ^(http://blabla.bla) ) {
            return 405;
            }
     }

works just fine. Is this expected and if so why? Or am I doing something wrong here?

Answer 1

Regular expressions are compiled while reading configuration, thus they cannot contain variables.

Also please note:

• http://wiki.nginx.org/IfIsEvil
• http://nginx.org/en/docs/http/ngx_http_referer_module.html

Answer 2

If you have the referer module you might like this one, this will ONLY allow the current server names to be valid referrers. All others will return as 405 error.

        location ~* (wp-comments-post)\.php$ {
            valid_referers server_names;
            
            if ( $invalid_referer ) {
                    return 405;
            }

            ### Do your stuff here
              
        }